package software.netcore.unimus.api.rest.v3.security;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.unimus.data.schema.system.ApiTokenEntity;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.dao.DataAccessResourceFailureException;
import org.springframework.transaction.CannotCreateTransactionException;
import org.springframework.transaction.TransactionSystemException;
import org.springframework.util.StringUtils;
import org.springframework.web.servlet.HandlerInterceptor;
import software.netcore.unimus.api.rest.common.PublicRestService;

/* loaded from: input_file:BOOT-INF/lib/unimus-api-3.24.1-STAGE.jar:software/netcore/unimus/api/rest/v3/security/AuthenticationInterceptor.class */
public class AuthenticationInterceptor implements HandlerInterceptor {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) AuthenticationInterceptor.class);
    public static final String HEADER_NAME = "Authorization";
    public static final String AUTH_SCHEMA = "Bearer ";
    private final PublicRestService restService;

    @Override // org.springframework.web.servlet.HandlerInterceptor
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        log.debug("Authenticating request: '{}' from '{}'", httpServletRequest.getRequestURI(), httpServletRequest.getRemoteAddr());
        String header = httpServletRequest.getHeader("Authorization");
        if (!StringUtils.hasText(header)) {
            log.warn("Auth header not found, from: '{}'", httpServletRequest.getRemoteAddr());
            throw new AuthenticationException();
        }
        if (!header.startsWith("Bearer ")) {
            log.warn("Bad auth schema, from: '{}'", httpServletRequest.getRemoteAddr());
            throw new AuthenticationException();
        }
        String substring = header.substring("Bearer ".length());
        try {
            ApiTokenEntity findApiToken = this.restService.findApiToken(substring);
            if (findApiToken == null) {
                log.warn("Auth token not found, from: '{}'", httpServletRequest.getRemoteAddr());
                throw new AuthenticationException();
            }
            if (this.restService.validateApiToken(substring, findApiToken.getSecret())) {
                return true;
            }
            log.warn("Auth token is not invalid, from: '{}'", httpServletRequest.getRemoteAddr());
            throw new AuthenticationException();
        } catch (DataAccessResourceFailureException | CannotCreateTransactionException | TransactionSystemException e) {
            log.warn("Failed to retrieve token", e);
            throw new AuthenticationException();
        }
    }

    public AuthenticationInterceptor(PublicRestService publicRestService) {
        this.restService = publicRestService;
    }
}
